/// <summary>
/// Refreshes a token by delegating to the token service that matches the server's token type.
/// </summary>
/// <param name="serverDto">Server settings; <c>TokenType</c> selects the SAML or the JWT service.</param>
/// <param name="loginDto">Login details, passed through to the selected service.</param>
/// <param name="tokenToRefresh">The token to refresh, passed through unchanged.</param>
/// <returns>Whatever the selected service's <c>Refresh</c> returns.</returns>
public Token Refresh(ServerDto serverDto, LoginDto loginDto, Token tokenToRefresh)
{
    // Every token type other than SAML is handled by the JWT service.
    bool useSaml = serverDto.TokenType == TokenType.SAML;
    IAuthenticationService service = useSaml
        ? (IAuthenticationService)new SamlTokenService(_webRequestManager)
        : (IAuthenticationService)new JwtTokenService(_webRequestManager);

    return service.Refresh(serverDto, loginDto, tokenToRefresh);
}
/// <summary>
/// Logs in by delegating to the token service that matches the server's token type.
/// </summary>
/// <param name="serverDto">Server settings; <c>TokenType</c> selects the SAML or the JWT service.</param>
/// <param name="loginDto">Credentials, passed through to the selected service.</param>
/// <param name="clientId">Client id, passed through to the selected service.</param>
/// <returns>Whatever the selected service's <c>Authenticate</c> returns.</returns>
public AuthTokenDto Login(ServerDto serverDto, LoginDto loginDto, string clientId)
{
    // Every token type other than SAML is handled by the JWT service.
    bool useSaml = serverDto.TokenType == TokenType.SAML;
    IAuthenticationService service = useSaml
        ? (IAuthenticationService)new SamlTokenService(_webRequestManager)
        : (IAuthenticationService)new JwtTokenService(_webRequestManager);

    return service.Authenticate(serverDto, loginDto, clientId);
}
/// <summary>
/// Handles the Login button: requires a user name and a password, stores them in
/// <c>LoginDto</c>, closes the window and stops the modal session with code 1.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event arguments (not used).</param>
public void OnClickLoginButton (object sender, EventArgs e)
{
    if (string.IsNullOrEmpty (TxtUsername.StringValue))
    {
        UIErrorHelper.ShowAlert ("Please enter valid username", "Alert");
        return;
    }

    if (string.IsNullOrEmpty (TxtPassword.StringValue))
    {
        UIErrorHelper.ShowAlert ("Please enter valid password", "Alert");
        return;
    }

    // The tenant of the current server is used both as tenant name and as domain name.
    var credentials = new LoginDto ();
    credentials.User = TxtUsername.StringValue;
    credentials.Pass = TxtPassword.StringValue;
    credentials.TenantName = ServerDto.Tenant;
    credentials.DomainName = ServerDto.Tenant;
    LoginDto = credentials;

    this.Close ();
    NSApplication.SharedApplication.StopModalWithCode(1);
}
/// <summary>
/// Posts a refresh-token request to the tenant's refresh endpoint and returns the new token.
/// </summary>
/// <param name="serverDto">Supplies protocol, server name and port for the endpoint URL.</param>
/// <param name="loginDto">Supplies the tenant name, which is URL-escaped before use.</param>
/// <param name="tokenToRefresh">Supplies the refresh token and client id sent in the request.</param>
/// <returns>
/// The token deserialized from the response, with <c>RefreshToken</c> and <c>ClientId</c>
/// copied over from <paramref name="tokenToRefresh"/>.
/// </returns>
public Token Refresh(ServerDto serverDto, LoginDto loginDto, Token tokenToRefresh)
{
    var tenant = Uri.EscapeDataString(loginDto.TenantName);
    var endpoint = string.Format(
        ServiceConfigManager.RefreshTokenEndPoint,
        serverDto.Protocol,
        serverDto.ServerName,
        serverDto.Port,
        tenant);

    // SECURITY: this callback accepts every TLS server certificate. The property is static on
    // ServicePointManager, so the setting stays in force after this call and covers every
    // request that goes through ServicePointManager in the process. The refresh token below is
    // sent to a server whose identity is not checked. Kept as-is because removing it changes
    // which servers the tool can connect to; the fix is default validation or a callback that
    // checks the expected certificate.
    ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

    var body = string.Format(
        ServiceConfigManager.RefreshTokenArguments,
        tokenToRefresh.RefreshToken,
        tokenToRefresh.ClientId);
    var settings = new RequestSettings { Method = HttpMethod.Post };
    var headers = ServiceHelper.AddHeaders();
    var json = _webRequestManager.GetResponse(endpoint, settings, headers, null, body);

    // The response is not expected to repeat the refresh token or the client id, so both are
    // carried over from the token that was refreshed.
    var refreshed = JsonConvert.Deserialize<Token>(json);
    refreshed.RefreshToken = tokenToRefresh.RefreshToken;
    refreshed.ClientId = tokenToRefresh.ClientId;
    return refreshed;
}
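/// <summary>
/// Requests a SAML token from the legacy STS endpoint with a WS-Trust Issue SOAP call and
/// wraps the returned assertion in an <c>AuthTokenDto</c>.
/// </summary>
/// <param name="serverDto">Supplies protocol, server name, port, STS path and token type.</param>
/// <param name="loginDto">Supplies user, password, domain and tenant for the request.</param>
/// <param name="clientId">Stored on the returned token; it is not part of the SOAP request.</param>
/// <returns>
/// An <c>AuthTokenDto</c> whose token holds the Base64-encoded (UTF-8) XML of the
/// <c>saml2:Assertion</c> element and the text of <c>ds:SignatureValue</c>.
/// <c>ClaimsPrincipal</c> is always null.
/// </returns>
/// <exception cref="Exception">
/// The response contains no <c>saml2:Assertion</c> or no <c>ds:SignatureValue</c> element;
/// the message is the raw server response.
/// </exception>
public AuthTokenDto Authenticate(ServerDto serverDto, LoginDto loginDto, string clientId)
{
    // The tenant is URL-escaped like the JWT endpoints do. StsUrl is used as entered because it
    // may itself contain path separators (assumption; confirm against the endpoint template).
    var stsPath = serverDto.StsUrl + "/" + Uri.EscapeDataString(loginDto.TenantName);
    var url = string.Format(ServiceConfigManager.SamlLegacyEndPoint, serverDto.Protocol, serverDto.ServerName, serverDto.Port, stsPath);
    string soapTemplate = XmlResourceHelper.GetResourceXml("Vmware.Tools.RestSsoAdminSnapIn.Service.xml.SAMLRequest.xml");

    // Request validity window: now .. now + 5 minutes, in UTC. UtcNow avoids the local-time
    // round trip, and the invariant culture keeps the timestamp Gregorian with ':' separators
    // whatever the UI culture is.
    const int lifeInSeconds = 300;
    const string timestampFormat = "yyyy-MM-ddTHH:mm:ss.fffZ";
    var invariant = System.Globalization.CultureInfo.InvariantCulture;
    var created = DateTime.UtcNow;
    var createdText = created.ToString(timestampFormat, invariant);
    var expiresText = created.AddSeconds(lifeInSeconds).ToString(timestampFormat, invariant);

    // NOTE(review): WrapInCDATA is not shown here; confirm it copes with a password that
    // contains "]]>".
    var pass = WrapInCDATA(loginDto.Pass);

    // The principal name is user-supplied text placed into the SOAP XML, so XML-escape it to
    // keep markup characters in a user or domain name from changing the request structure.
    var principalName = System.Security.SecurityElement.Escape(loginDto.User + "@" + loginDto.DomainName);

    var soapString = string.Format(soapTemplate, createdText, expiresText, principalName, pass, createdText, expiresText);

    // SECURITY: this callback accepts every TLS server certificate. The property is static on
    // ServicePointManager, so the setting stays in force after this call and covers every
    // request that goes through ServicePointManager in the process. The password in the SOAP
    // body is sent to a server whose identity is not checked. Kept as-is because removing it
    // changes which servers the tool can connect to; the fix is default validation or a
    // callback that checks the expected certificate.
    ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

    var requestConfig = new RequestSettings { Method = HttpMethod.Post };
    var headers = ServiceHelper.AddHeaders("text/xml");
    var customHeaders = new Dictionary<string, string>();
    customHeaders.Add("SOAPAction", "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue");
    var responseFromServer = _webRequestManager.GetResponse(url, requestConfig, headers, customHeaders, soapString);

    XmlDocument doc = new XmlDocument();
    doc.PreserveWhitespace = false;
    // The response comes from the network: never resolve external DTDs or entities for it.
    doc.XmlResolver = null;
    using (var reader = new StringReader(responseFromServer))
    {
        doc.Load(reader);
    }

    var node = doc.GetElementsByTagName("saml2:Assertion")[0];
    var signature = doc.GetElementsByTagName("ds:SignatureValue")[0];

    // Fail closed: without an assertion and its signature value there is no token to return.
    if (node == null || signature == null)
    {
        throw new Exception(responseFromServer);
    }

    // NOTE(review): the signature value is only copied onto the token; nothing in this method
    // verifies the assertion's signature.
    var rawToken = Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(node.OuterXml));
    var token = new Token(rawToken, serverDto.TokenType)
    {
        Raw = rawToken,
        ClientId = clientId,
        Signature = signature.InnerXml,
        TokenType = TokenType.SAML.ToString()
    };

    return new AuthTokenDto(Refresh) { Token = token, ClaimsPrincipal = null, Login = loginDto, ServerDto = serverDto };
}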
/// <summary>
/// Posts the user's credentials to the tenant's login endpoint, then fetches the tenant
/// certificates and runs <c>Validate</c> on the returned id token.
/// </summary>
/// <param name="serverDto">Supplies protocol, server name and port for the endpoint URL.</param>
/// <param name="loginDto">Supplies user, password, domain and tenant.</param>
/// <param name="clientId">Sent in the request and stored on the returned token.</param>
/// <returns>
/// An <c>AuthTokenDto</c> holding the token and the result of <c>Validate</c>, which may be null.
/// </returns>
public AuthTokenDto Authenticate(ServerDto serverDto, LoginDto loginDto, string clientId)
{
    var tenant = Uri.EscapeDataString(loginDto.TenantName);
    var endpoint = string.Format(
        ServiceConfigManager.LoginEndPoint,
        serverDto.Protocol,
        serverDto.ServerName,
        serverDto.Port,
        tenant);

    // SECURITY: this callback accepts every TLS server certificate. The property is static on
    // ServicePointManager, so the setting stays in force after this call and covers every
    // request that goes through ServicePointManager in the process. The password below is sent
    // to a server whose identity is not checked. Kept as-is because removing it changes which
    // servers the tool can connect to; the fix is default validation or a callback that checks
    // the expected certificate.
    ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

    // NOTE(review): user, password and domain go into the body exactly as entered. If
    // LoginArguments is a form-encoded template (not visible here), characters such as '&' or
    // '=' in a password would need Uri.EscapeDataString; confirm against the template.
    var body = string.Format(
        ServiceConfigManager.LoginArguments,
        loginDto.User,
        loginDto.Pass,
        loginDto.DomainName,
        clientId);
    var settings = new RequestSettings { Method = HttpMethod.Post };
    var headers = ServiceHelper.AddHeaders();
    var json = _webRequestManager.GetResponse(endpoint, settings, headers, null, body);

    var token = JsonConvert.Deserialize<Token>(json);
    token.Raw = json;
    token.ClientId = clientId;
    token.TokenType = TokenType.Bearer.ToString();

    // The id token is validated against the last certificate in the tenant's list.
    var certificates = GetCertificates(serverDto, loginDto.TenantName, CertificateScope.TENANT, token);
    var lastCertificate = certificates[certificates.Count - 1];
    var principal = Validate(
        serverDto,
        loginDto.User + "@" + loginDto.DomainName,
        lastCertificate,
        loginDto.TenantName,
        token.IdToken);

    // NOTE(review): a null principal is returned to the caller exactly like a non-null one;
    // this method does not throw when Validate yields nothing, so callers that need a verified
    // identity have to check ClaimsPrincipal themselves.
    return new AuthTokenDto(Refresh)
    {
        Token = token,
        ClaimsPrincipal = principal,
        Login = loginDto,
        ServerDto = serverDto
    };
}
/// <summary>
/// Handles the Add button of the add-server dialog: checks the form fields one by one, and
/// when all pass, fills <c>ServerDto</c> and <c>LoginDto</c> from them and stops the modal
/// session with code 1. The first failing check shows an alert and ends the handler.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event arguments (not used).</param>
public void OnClickAddButton (object sender, EventArgs e)
{
    ActionHelper.Execute (delegate() {
        if (string.IsNullOrEmpty (TxtServer.StringValue))
        {
            UIErrorHelper.ShowAlert ("Server name cannot be empty", "Alert");
            return;
        }

        if (!WebUtil.PingHost (TxtServer.StringValue))
        {
            UIErrorHelper.ShowAlert ("Please enter valid server name or ip address", "Alert");
            return;
        }

        // The port is only required to be non-empty; its value is not checked here.
        if (string.IsNullOrEmpty (TxtPort.StringValue))
        {
            UIErrorHelper.ShowAlert ("Please enter valid server STS port", "Alert");
            return;
        }

        if (string.IsNullOrEmpty (TxtTenant.StringValue))
        {
            UIErrorHelper.ShowAlert ("Please enter valid tenant name", "Alert");
            return;
        }

        // The STS endpoint is mandatory only when the SAML checkbox is ticked.
        if (this.CbSaml.StringValue == "1" && string.IsNullOrEmpty (TxtStsEndpoint.StringValue))
        {
            UIErrorHelper.ShowAlert ("Please enter valid STS endpoint", "Alert");
            return;
        }

        if (string.IsNullOrEmpty (TxtUsername.StringValue))
        {
            UIErrorHelper.ShowAlert ("Please enter valid username", "Alert");
            return;
        }

        if (string.IsNullOrEmpty (TxtPassword.StringValue))
        {
            UIErrorHelper.ShowAlert ("Please enter valid password", "Alert");
            return;
        }

        bool legacy = this.CbSaml.StringValue == "1";
        string stsEndpoint = TxtStsEndpoint.StringValue;

        // NOTE(review): with the SSL checkbox unticked the protocol is plain "http";
        // presumably the credentials collected below are later sent over that protocol.
        ServerDto = new ServerDto () {
            ServerName = TxtServer.StringValue,
            Port = TxtPort.StringValue,
            Tenant = TxtTenant.StringValue,
            Protocol = CbSsl.StringValue == "1" ? "https" : "http",
            TokenType = legacy ? TokenType.SAML : TokenType.Bearer,
            Url = LblUrl.StringValue,
            StsUrl = stsEndpoint ?? string.Empty
        };

        // The tenant name is used for both the domain and the tenant of the login.
        LoginDto = new LoginDto {
            User = TxtUsername.StringValue,
            Pass = TxtPassword.StringValue,
            DomainName = TxtTenant.StringValue,
            TenantName = TxtTenant.StringValue
        };

        NSApplication.SharedApplication.StopModalWithCode (1);
    });
}
/// <summary>
/// "Refreshes" by authenticating again and returning the token of that new login.
/// </summary>
/// <param name="serverDto">Passed to <c>Authenticate</c>.</param>
/// <param name="loginDto">Passed to <c>Authenticate</c>; its stored credentials are reused.</param>
/// <param name="tokenToRefresh">Not read by this method.</param>
/// <returns>The <c>Token</c> of the result of <c>Authenticate</c>.</returns>
public Token Refresh(ServerDto serverDto, LoginDto loginDto, Token tokenToRefresh)
{
    // An empty client id is passed, so the client id of tokenToRefresh is not carried over.
    return Authenticate (serverDto, loginDto, string.Empty).Token;
}
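/// <summary>
/// Handles the button of the token form: when <c>IsValid</c> passes, builds the server and
/// login data from the fields, clears the token fields and, if the selected type tag is 1,
/// acquires a token (JWT when the SAML checkbox is "0", otherwise SAML) and shows it.
/// Failures are reported with an alert.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event arguments (not used).</param>
public void OnClickAddButton (object sender, EventArgs e)
{
    if (!IsValid ())
    {
        return;
    }

    var serverDto = new ServerDto {
        ServerName = TxtServer.StringValue,
        Tenant = TxtTenant.StringValue,
        Port = TxtPort.StringValue,
        Protocol = CbSsl.StringValue == "1" ? "https" : "http",
        TokenType = CbSaml.StringValue == "1" ? TokenType.SAML : TokenType.Bearer,
        Url = LblServerUrl.StringValue,
        StsUrl = string.IsNullOrEmpty (TxtStsUrl.StringValue) ? string.Empty : TxtStsUrl.StringValue
    };
    var login = new LoginDto {
        User = TxtUsername.StringValue,
        Pass = TxtPassword.StringValue,
        DomainName = TxtDomain.StringValue,
        TenantName = TxtTenant.StringValue
    };

    try
    {
        // Clear the output fields first so a failed attempt never leaves an old token on screen.
        TxtIDTokenString.StringValue = string.Empty;
        TxtAccessTokenString.StringValue = string.Empty;
        TxtRefreshTokenString.StringValue = string.Empty;
        TxtSamlToken.StringValue = string.Empty;

        if (CbSaml.StringValue == "0")
        {
            if (RdoTypeGroup.SelectedTag == 1)
            {
                var auth = SnapInContext.Instance.ServiceGateway.Authentication.Login (serverDto, login, Constants.ClientId);
                PopulateToken (auth);
            }
        }
        else if (RdoTypeGroup.SelectedTag == 1)
        {
            var auth = SnapInContext.Instance.ServiceGateway.SamlTokenService.Authenticate (serverDto, login, Constants.ClientId);
            var bytes = Convert.FromBase64String (auth.Token.AccessToken);
            // Decode as UTF-8: the SAML token is Base64 over UTF-8 bytes (presumably, going by
            // the SAML Authenticate implementation), whereas Encoding.Default varies by platform.
            TxtSamlToken.StringValue = System.Text.Encoding.UTF8.GetString (bytes);
        }
    }
    catch (WebException exp)
    {
        if (CbSaml.StringValue == "1")
        {
            // SAML: show the server's response body when there is one, else the exception text.
            var message = exp.Response != null ? ReadErrorBody (exp.Response) : exp.Message;
            UIErrorHelper.ShowAlert (message, "Error");
            return;
        }

        var response = exp.Response as HttpWebResponse;
        if (response == null)
        {
            UIErrorHelper.ShowAlert (exp.Message, "Error");
            return;
        }

        if (response.StatusCode == HttpStatusCode.Unauthorized)
        {
            var error = JsonConvert.Deserialize<AuthErrorDto> (ReadErrorBody (response));
            if (error == null)
            {
                // An unparseable 401 body used to produce no feedback at all.
                UIErrorHelper.ShowAlert (exp.Message, "Error");
            }
            else if (error.Error == AuthError.InvalidToken)
            {
                UIErrorHelper.ShowAlert ("Token Expired", "Error");
            }
            else
            {
                UIErrorHelper.ShowAlert (error.Details, "Error");
            }
            return;
        }

        if (response.StatusCode == HttpStatusCode.BadRequest && response.ContentType == "application/json;charset=UTF-8")
        {
            var resp = ReadErrorBody (response);
            var error = JsonConvert.Deserialize<AuthErrorDto> (resp);
            if (resp.Contains (AuthError.InvalidGrant) && error != null)
            {
                UIErrorHelper.ShowAlert ("Invalid username or password", "Error");
            }
            else
            {
                UIErrorHelper.ShowAlert (exp.Message + " Details: " + resp, "Error");
            }
            return;
        }

        if (response.ContentType == "application/json")
        {
            var resp = ReadErrorBody (response);
            UIErrorHelper.ShowAlert (exp.Message + " Details: " + resp, "Error");
            return;
        }

        UIErrorHelper.ShowAlert (exp.Message, "Error");
    }
    catch (Exception exp)
    {
        UIErrorHelper.ShowAlert (exp.Message, "Error");
    }
}

/// <summary>
/// Reads the whole body of an error response and disposes the stream and reader afterwards.
/// </summary>
/// <param name="response">The response attached to a <c>WebException</c>.</param>
/// <returns>The response body as text.</returns>
private static string ReadErrorBody (WebResponse response)
{
    using (var stream = response.GetResponseStream ())
    using (var reader = new StreamReader (stream))
    {
        return reader.ReadToEnd ();
    }
}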